TLS is not optional any more

7 files changed, 4 insertions, 70 deletions

diff --git a/INSTALL b/INSTALL
index 5757164..cbb0dfc 100644
--- a/INSTALL
+++ b/INSTALL
@@ -7,8 +7,8 @@ Dependencies
 - gmake
 - pthreads
 - libao
+- gnutls
 - libfaad2 and/or libmad
-- gnutls (optional)
 - UTF-8 console/locale
 
 Building
@@ -42,9 +42,6 @@ DISABLE_FAAD=1
 	Disables AAC playback.
 DISABLE_MAD=1
 	Disables MP3 playback.
-DISABLE_GNUTLS=1
-	Disables TLS support. Don’t do this if you intent to run pianobar on a
-	public/unsafe network.
 
 Mac OS X
 ++++++++
diff --git a/Makefile b/Makefile
index 2546ae9..e0030f1 100644
--- a/Makefile
+++ b/Makefile
@@ -85,13 +85,8 @@ else
 	LIBMAD_LDFLAGS=-lmad
 endif
 
-ifeq (${DISABLE_GNUTLS}, 1)
-	LIBGNUTLS_CFLAGS=
-	LIBGNUTLS_LDFLAGS=
-else
-	LIBGNUTLS_CFLAGS=-DENABLE_TLS
-	LIBGNUTLS_LDFLAGS=-lgnutls
-endif
+LIBGNUTLS_CFLAGS=
+LIBGNUTLS_LDFLAGS=-lgnutls
 
 # build pianobar
 ifeq (${DYNLINK},1)
diff --git a/src/libwaitress/waitress.c b/src/libwaitress/waitress.c
index d4081ef..f6d4d03 100644
--- a/src/libwaitress/waitress.c
+++ b/src/libwaitress/waitress.c
@@ -40,9 +40,7 @@ THE SOFTWARE.
 #include <errno.h>
 #include <assert.h>
 
-#ifdef ENABLE_TLS
 #include <gnutls/x509.h>
-#endif
 
 #include "config.h"
 #include "waitress.h"
@@ -60,14 +58,12 @@ void WaitressInit (WaitressHandle_t *waith, const char *caPath) {
 
 	memset (waith, 0, sizeof (*waith));
 	waith->timeout = 30000;
-#ifdef ENABLE_TLS
 	if (caPath != NULL) {
 		gnutls_certificate_allocate_credentials (&waith->tlsCred);
 		gnutls_certificate_set_x509_trust_file (waith->tlsCred, caPath,
 				GNUTLS_X509_FMT_PEM);
 		waith->tlsInitialized = true;
 	}
-#endif
 }
 
 void WaitressFree (WaitressHandle_t *waith) {
@@ -75,11 +71,9 @@ void WaitressFree (WaitressHandle_t *waith) {
 
 	free (waith->url.url);
 	free (waith->proxy.url);
-#ifdef ENABLE_TLS
 	if (waith->tlsInitialized) {
 		gnutls_certificate_free_credentials (waith->tlsCred);
 	}
-#endif
 	memset (waith, 0, sizeof (*waith));
 }
 
@@ -477,7 +471,6 @@ static WaitressReturn_t WaitressOrdinaryWrite (WaitressHandle_t *waith,
 	return waith->request.readWriteRet;
 }
 
-#ifdef ENABLE_TLS
 static WaitressReturn_t WaitressGnutlsWrite (WaitressHandle_t *waith,
 		const char *buf, const size_t size) {
 	if (gnutls_record_send (waith->request.tlsSession, buf, size) < 0) {
@@ -485,7 +478,6 @@ static WaitressReturn_t WaitressGnutlsWrite (WaitressHandle_t *waith,
 	}
 	return waith->request.readWriteRet;
 }
-#endif
 
 /*	read () wrapper with poll () timeout
  *	@param waitress handle
@@ -527,7 +519,6 @@ static WaitressReturn_t WaitressOrdinaryRead (WaitressHandle_t *waith,
 	return waith->request.readWriteRet;
 }
 
-#ifdef ENABLE_TLS
 static WaitressReturn_t WaitressGnutlsRead (WaitressHandle_t *waith,
 		char *buf, const size_t size, size_t *retSize) {
 	ssize_t ret = gnutls_record_recv (waith->request.tlsSession, buf, size);
@@ -538,7 +529,6 @@ static WaitressReturn_t WaitressGnutlsRead (WaitressHandle_t *waith,
 	}
 	return waith->request.readWriteRet;
 }
-#endif
 
 /*	send basic http authorization
  *	@param waitress handle
@@ -704,7 +694,6 @@ static int WaitressParseStatusline (const char * const line) {
 	return -1;
 }
 
-#ifdef ENABLE_TLS
 /*	verify server certificate
  */
 static int WaitressTlsVerify (gnutls_session_t session) {
@@ -754,7 +743,6 @@ static int WaitressTlsVerify (gnutls_session_t session) {
 
 	return 0;
 }
-#endif
 
 /*	Connect to server
  */
@@ -813,7 +801,6 @@ static WaitressReturn_t WaitressConnect (WaitressHandle_t *waith) {
 		return WAITRESS_RET_CONNECT_REFUSED;
 	}
 
-#ifdef ENABLE_TLS
 	if (waith->url.tls) {
 		/* set up proxy tunnel */
 		if (WaitressProxyEnabled (waith)) {
@@ -834,7 +821,6 @@ static WaitressReturn_t WaitressConnect (WaitressHandle_t *waith) {
 			return WAITRESS_RET_TLS_HANDSHAKE_ERR;
 		}
 	}
-#endif
 
 	return WAITRESS_RET_OK;
 }
@@ -1044,7 +1030,6 @@ WaitressReturn_t WaitressFetchCall (WaitressHandle_t *waith) {
 	waith->request.read = WaitressOrdinaryRead;
 	waith->request.write = WaitressOrdinaryWrite;
 
-#ifdef ENABLE_TLS
 	if (waith->url.tls) {
 		assert (waith->tlsInitialized);
 
@@ -1076,11 +1061,6 @@ WaitressReturn_t WaitressFetchCall (WaitressHandle_t *waith) {
 		gnutls_certificate_set_verify_function (waith->tlsCred,
 				WaitressTlsVerify);
 	}
-#else
-	if (waith->url.tls) {
-		return WAITRESS_RET_TLS_DISABLED;
-	}
-#endif
 
 	/* request */
 	if ((wRet = WaitressConnect (waith)) == WAITRESS_RET_OK) {
@@ -1095,12 +1075,10 @@ WaitressReturn_t WaitressFetchCall (WaitressHandle_t *waith) {
 	}
 
 	/* cleanup */
-#ifdef ENABLE_TLS
 	if (waith->url.tls) {
 		gnutls_bye (waith->request.tlsSession, GNUTLS_SHUT_RDWR);
 		gnutls_deinit (waith->request.tlsSession);
 	}
-#endif
 	close (waith->request.sockfd);
 
 	if (wRet == WAITRESS_RET_OK &&
@@ -1306,9 +1284,7 @@ int main () {
 	compareStr (WaitressBase64Encode ("The quick brown fox jumped over the lazy do"),
 			"VGhlIHF1aWNrIGJyb3duIGZveCBqdW1wZWQgb3ZlciB0aGUgbGF6eSBkbw==");
 
-#ifdef ENABLE_TLS
 	gnutls_global_init ();
-#endif
 	WaitressHandle_t waith;
 	char *buf;
 	WaitressInit (&waith);
@@ -1317,9 +1293,7 @@ int main () {
 	printf ("%s\n", buf);
 	free (buf);
 	WaitressFree (&waith);
-#ifdef ENABLE_TLS
 	gnutls_global_deinit ();
-#endif
 
 	return EXIT_SUCCESS;
 }
diff --git a/src/libwaitress/waitress.h b/src/libwaitress/waitress.h
index bc697e7..8d4e5a4 100644
--- a/src/libwaitress/waitress.h
+++ b/src/libwaitress/waitress.h
@@ -27,9 +27,7 @@ THE SOFTWARE.
 #include <stdlib.h>
 #include <unistd.h>
 #include <stdbool.h>
-#ifdef ENABLE_TLS
 #include <gnutls/gnutls.h>
-#endif
 
 #define WAITRESS_BUFFER_SIZE 10*1024
 
@@ -93,19 +91,15 @@ typedef struct {
 	void *data;
 	WaitressCbReturn_t (*callback) (void *, size_t, void *);
 	int timeout;
-#ifdef ENABLE_TLS
 	gnutls_certificate_credentials_t tlsCred;
 	bool tlsInitialized;
-#endif
 
 	/* per-request data */
 	struct {
 		size_t contentLength, contentReceived, chunkSize;
 		int sockfd;
 		char *buf;
-#ifdef ENABLE_TLS
 		gnutls_session_t tlsSession;
-#endif
 		/* first argument is WaitressHandle_t, but that's not defined here */
 		WaitressHandlerReturn_t (*dataHandler) (void *, char *, const size_t);
 		ssize_t (*read) (void *, char *, const size_t, ssize_t *);
diff --git a/src/main.c b/src/main.c
index 668bdbf..d4bf6fb 100644
--- a/src/main.c
+++ b/src/main.c
@@ -338,23 +338,15 @@ int main (int argc, char **argv) {
 
 	/* init some things */
 	ao_initialize ();
-#ifdef ENABLE_TLS
 	gnutls_global_init ();
-#endif
 	PianoInit (&app.ph);
 
 	BarSettingsInit (&app.settings);
 	BarSettingsRead (&app.settings);
 
-#ifdef ENABLE_TLS
 	WaitressInit (&app.waith, app.settings.tlsCaPath);
-#else
-	WaitressInit (&app.waith, NULL);
-#endif
 	app.waith.url.host = strdup (PIANO_RPC_HOST);
-#ifdef ENABLE_TLS
-	app.waith.url.tls = app.settings.tls;
-#endif
+	app.waith.url.tls = true;
 
 	BarUiMsg (&app.settings, MSG_NONE,
 			"Welcome to " PACKAGE " (" VERSION ")! ");
@@ -394,9 +386,7 @@ int main (int argc, char **argv) {
 	PianoDestroyPlaylist (app.playlist);
 	WaitressFree (&app.waith);
 	ao_shutdown();
-#ifdef ENABLE_TLS
 	gnutls_global_deinit ();
-#endif
 	BarSettingsDestroy (&app.settings);
 
 	/* restore terminal attributes, zsh doesn't need this, bash does... */
diff --git a/src/settings.c b/src/settings.c
index 04bfff0..f29fcfa 100644
--- a/src/settings.c
+++ b/src/settings.c
@@ -93,9 +93,7 @@ void BarSettingsDestroy (BarSettings_t *settings) {
 	free (settings->npStationFormat);
 	free (settings->listSongFormat);
 	free (settings->fifo);
-#ifdef ENABLE_TLS
 	free (settings->tlsCaPath);
-#endif
 	for (size_t i = 0; i < MSG_COUNT; i++) {
 		free (settings->msgFormat[i].prefix);
 		free (settings->msgFormat[i].postfix);
@@ -134,10 +132,7 @@ void BarSettingsRead (BarSettings_t *settings) {
 	settings->listSongFormat = strdup ("%i) %a - %t%r");
 	settings->fifo = malloc (PATH_MAX * sizeof (*settings->fifo));
 	BarGetXdgConfigDir (PACKAGE "/ctl", settings->fifo, PATH_MAX);
-#ifdef ENABLE_TLS
-	settings->tls = true;
 	settings->tlsCaPath = strdup ("/etc/ssl/certs/ca-certificates.crt");
-#endif
 
 	settings->msgFormat[MSG_NONE].prefix = NULL;
 	settings->msgFormat[MSG_NONE].postfix = NULL;
@@ -246,17 +241,9 @@ void BarSettingsRead (BarSettings_t *settings) {
 		} else if (streq ("fifo", key)) {
 			free (settings->fifo);
 			settings->fifo = strdup (val);
-#ifdef ENABLE_TLS
-		} else if (streq ("tls", key)) {
-			if (streq ("1", val)) {
-				settings->tls = true;
-			} else {
-				settings->tls = false;
-			}
 		} else if (streq ("tls_ca_path", key)) {
 			free (settings->tlsCaPath);
 			settings->tlsCaPath = strdup (val);
-#endif
 		} else if (strncmp (formatMsgPrefix, key,
 				strlen (formatMsgPrefix)) == 0) {
 			static const char *mapping[] = {"none", "info", "nowplaying",
diff --git a/src/settings.h b/src/settings.h
index e5c3dd6..6cb4cb2 100644
--- a/src/settings.h
+++ b/src/settings.h
@@ -96,10 +96,7 @@ typedef struct {
 	char *npStationFormat;
 	char *listSongFormat;
 	char *fifo;
-#ifdef ENABLE_TLS
-	bool tls;
 	char *tlsCaPath;
-#endif
 	BarMsgFormatStr_t msgFormat[MSG_COUNT];
 } BarSettings_t;